2017 Data Breaches Tops 1,200 Incidents

The latest count from the Identity Theft Resource Center (ITRC) reports that there have been 1,202 data breaches recorded this year through November 29 and that more than 172 million records have been exposed since the beginning of the year. The incident total is 17.6% higher than at the same time last year.

In 2016, the ITRC reported a record total of 1,093 breaches, and at the current pace that record could rise to around 1,500 this year.

Security consultant Brian Krebs has an interesting article about the amount of data available to anyone who gains access to the Free Application for Federal Student Aid (FAFSA) data collected when a student applies for scholarships or loans at colleges that award federal student aid dollars. With a student’s first and last names and Social Security number, more than 200 data points are available.

This data includes the student’s and parents’ adjusted gross income from federal tax returns plus a lot of details on parents financial and wealth status.

Given all the personally identifiable information floating around for sale on the internet and the dark web, access to this data is easily available for a modest sum. The U.S. Department of Education disputes Krebs’s description and he acknowledges that in the article. But if you are thinking of filing a FAFSA this year, this article is definitely worth a read.

The business sector leads them all in the number of records compromised so far in 2017 with more than 157 million exposed records in 620 incidents. That represents 51.6% of the incidents, and 91.4% of the exposed records so far this year.

The medical/health care sector has posted 28% (336) of all 2017 data breaches. The number of records exposed in these breaches totals more than 4.9 million, or about 2.9% of the 2017 total.

The educational sector has experienced 108 data breaches since the beginning of the year. The sector accounts for 9% of all breaches and more than 1.1 million exposed records, about 0.7% of the year’s total.

The government/military sector has suffered 60 data breaches to date in 2017, representing about 3.4% of the total number of records exposed and 5% of the incidents. About 5.8 million records have been compromised in the government/military sector.

The number of banking/credit/financial sector breaches now totals 78, some 6.5% of the total incidents reported so far this year. More than 2.9 million records have been reported to be compromised in the incidents.

Since beginning to track data breaches in 2005, ITRC had counted 8,099 breaches through November 29, 2017, involving almost 1.06 billion records.